anytun-controld.cpp

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007 anytun.org <satp@wirdorange.org>
  15  *
  16  *  This program is free software; you can redistribute it and/or modify
  17  *  it under the terms of the GNU General Public License version 2
  18  *  as published by the Free Software Foundation.
  19  *
  20  *  This program is distributed in the hope that it will be useful,
  21  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  22  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  23  *  GNU General Public License for more details.
  24  *
  25  *  You should have received a copy of the GNU General Public License
  26  *  along with this program (see the file COPYING included with this
  27  *  distribution); if not, write to the Free Software Foundation, Inc.,
  28  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  29  */
  30
  31 #include <iostream>
  32 #include <fstream>
  33 #include <poll.h>
  34 #include <fcntl.h>
  35 #include <pwd.h>
  36 #include <grp.h>
  37
  38 #include "datatypes.h"
  39
  40 #include "log.h"
  41 #include "signalController.h"
  42 #include "anymuxOptions.h"
  43
  44 #include "muxSocket.h"
  45 #include "Sockets/ListenSocket.h"
  46 #include "Sockets/SocketHandler.h"
  47
  48
  49 class ThreadParam
  50 {
  51 public:
  52   ThreadParam() : addr(""), port(0) {};
  53   std::string addr;
  54   u_int16_t port;
  55 };
  56
  57
  58 void* syncListener(void* p )
  59 {
  60   ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
  61         SOCKETS_NAMESPACE::SocketHandler h;
  62         SOCKETS_NAMESPACE::ListenSocket<MuxSocket> l(h,true);
  63
  64         if( l.Bind(param->addr, param->port) )
  65                 pthread_exit(NULL);
  66
  67         Utility::ResolveLocal(); // resolve local hostname
  68         h.Add(&l);
  69         h.Select(1,0);
  70         while (1) {
  71                 h.Select(1,0);
  72         }
  73 }
  74
  75 void chrootAndDrop(std::string const& chrootdir, std::string const& username)
  76 {
  77         if (getuid() != 0)
  78         {
  79           std::cerr << "this programm has to be run as root in order to run in a chroot" << std::endl;
  80                 exit(-1);
  81         }
  82
  83   struct passwd *pw = getpwnam(username.c_str());
  84         if(pw) {
  85                 if(chroot(chrootdir.c_str()))
  86                 {
  87       std::cerr << "can't chroot to " << chrootdir << std::endl;
  88       exit(-1);
  89                 }
  90     cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl;
  91     chdir("/");
  92                 if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
  93                 {
  94                         std::cerr << "can't drop to user " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
  95                         exit(-1);
  96                 }
  97     cLog.msg(Log::PRIO_NOTICE) << "dropped user to " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
  98         }
  99         else
 100   {
 101     std::cerr << "unknown user " << username << std::endl;
 102     exit(-1);
 103         }
 104 }
 105
 106 void daemonize()
 107 {
 108   pid_t pid;
 109
 110   pid = fork();
 111   if(pid) exit(0);
 112   setsid();
 113   pid = fork();
 114   if(pid) exit(0);
 115
 116 //  std::cout << "running in background now..." << std::endl;
 117
 118   int fd;
 119 //  for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
 120   for (fd=0;fd<=2;fd++) // close all file descriptors
 121     close(fd);
 122   fd=open("/dev/null",O_RDWR);        // stdin
 123   dup(fd);                            // stdout
 124   dup(fd);                            // stderr
 125   umask(027);
 126 }
 127
 128 int main(int argc, char* argv[])
 129 {
 130   if(!gOpt.parse(argc, argv))
 131   {
 132     gOpt.printUsage();
 133     exit(-1);
 134   }
 135
 136   std::ifstream file( gOpt.getFileName().c_str() );
 137   if( file.is_open() )
 138     file.close();
 139   else
 140   {
 141     std::cout << "ERROR: unable to open file!" << std::endl;
 142     exit(-1);
 143   }
 144
 145   std::ofstream pidFile;
 146   if(gOpt.getPidFile() != "") {
 147     pidFile.open(gOpt.getPidFile().c_str());
 148     if(!pidFile.is_open()) {
 149       std::cout << "can't open pid file" << std::endl;
 150     }
 151   }
 152
 153   if(gOpt.getChroot())
 154     chrootAndDrop(gOpt.getChrootDir(), gOpt.getUsername());
 155   if(gOpt.getDaemonize())
 156     daemonize();
 157
 158   if(pidFile.is_open()) {
 159     pid_t pid = getpid();
 160     pidFile << pid;
 161     pidFile.close();
 162   }
 163
 164   SignalController sig;
 165   sig.init();
 166
 167   ThreadParam p;
 168   p.addr = gOpt.getBindToAddr();
 169   p.port = gOpt.getBindToPort();
 170         pthread_t syncListenerThread;
 171         pthread_create(&syncListenerThread, NULL, syncListener, &p);
 172
 173         int ret = sig.run();
 174
 175         pthread_cancel(syncListenerThread);
 176
 177         pthread_join(syncListenerThread, NULL);
 178
 179   return ret;
 180 }
 181